npm - @the-ai-company/cbio-node-runtime - Versions diffs - 1.59.1 → 1.61.0 - Mend

@the-ai-company/cbio-node-runtime 1.59.1 → 1.61.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

package/dist/vault-core/core.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import type { AgentListCapabilitiesRequest, AgentListSecretsRequest, AgentListRequestsRequest, AgentGetRequestRequest, AgentRequestResult, AgentGetRuntimeManifestRequest, AgentRuntimeManifest, AgentSubmitCapabilityRequestCommand, AgentVisibleRequestRecord, AgentVisibleSecretRecord, AuditEntry, AuditQuery, CustomHttpFlowDefinition, DispatchAuthorization, DispatchRequest, DispatchResult, OwnerAllowAlwaysCommand, OwnerAllowOnceCommand, OwnerIssueSessionTokenRequest, OwnerDenyCommand, OwnerDeleteSecretCommand, OwnerExportSecretRequest, OwnerRegisterAgentIdentityCommand, OwnerUpdateAgentIdentityCommand, OwnerRegisterCapabilityCommand, OwnerRegisterCustomHttpFlowCommand, OwnerRevokeCapabilityCommand, OwnerListAgentsRequest, OwnerListCapabilitiesRequest, OwnerListCapabilityStatesRequest, OwnerSecretExport, OwnerSessionToken, SecretRecord, SubmitCapabilityRequestCommand, VaultId, VaultPrincipal, VaultWriteSecretCommand, AgentIdentityRecord, AgentCapability, CapabilityStateRecord } from "./contracts.js";
+import type { AgentListCapabilitiesRequest, AgentListSecretsRequest, AgentListRequestsRequest, AgentGetRequestRequest, AgentRequestResult, AgentGetRuntimeManifestRequest, AgentRuntimeManifest, AgentSubmitCapabilityRequestCommand, AgentVisibleRequestRecord, OwnerVisibleRequestRecord, OwnerRequestRecord, AgentVisibleSecretRecord, AuditEntry, AuditQuery, CustomHttpFlowDefinition, DispatchAuthorization, DispatchRequest, DispatchResult, OwnerAllowAlwaysCommand, OwnerAllowOnceCommand, OwnerIssueSessionTokenRequest, OwnerDenyCommand, OwnerCreateSecretCommand, OwnerDeleteSecretCommand, OwnerExportSecretRequest, OwnerRegisterAgentIdentityCommand, OwnerUpdateAgentIdentityCommand, OwnerRegisterCapabilityCommand, OwnerRegisterCustomHttpFlowCommand, OwnerRevokeCapabilityCommand, OwnerListAgentsRequest, OwnerListCapabilitiesRequest, OwnerListRequestsRequest, OwnerGetRequestRequest, OwnerListCapabilityStatesRequest, OwnerSecretExport, OwnerSessionToken, SecretRecord, SubmitCapabilityRequestCommand, VaultId, VaultPrincipal, VaultWriteSecretCommand, AgentIdentityRecord, AgentCapability, CapabilityStateRecord } from "./contracts.js";
 import type { VaultCoreDependencies } from "./ports.js";
 /**
  * The Sovereign Vault Core.
@@ -20,6 +20,8 @@ export declare class VaultCore {
     private _listVisibleSecretsForAgent;
     private _recordRequestExecution;
     private toVisibleRequestRecord;
+    private toOwnerVisibleRequestRecord;
+    private toOwnerRequestRecord;
     ownerOnCapabilityState(callback: (record: CapabilityStateRecord) => void): () => void;
     ownerRegisterAgentIdentity(command: OwnerRegisterAgentIdentityCommand): Promise<void>;
     ownerUpdateAgentIdentity(command: OwnerUpdateAgentIdentityCommand): Promise<AgentIdentityRecord>;
@@ -28,7 +30,12 @@ export declare class VaultCore {
     _getCapability(vaultId: import("./contracts.js").VaultId, agentId: string, capabilityId: string): Promise<AgentCapability | null>;
     ownerRegisterCustomFlow(command: OwnerRegisterCustomHttpFlowCommand): Promise<void>;
     _storeCustomFlowSecret(flow: CustomHttpFlowDefinition, alias: string, plaintext: string): Promise<SecretRecord>;
+    private _getActiveSecretByAlias;
+    private _persistNewSecretRecord;
+    ownerCreateSecret(command: OwnerCreateSecretCommand): Promise<SecretRecord>;
+    ownerUpdateSecret(command: import("./contracts.js").OwnerUpdateSecretCommand): Promise<SecretRecord>;
     ownerWriteSecret(command: VaultWriteSecretCommand): Promise<SecretRecord>;
+    ownerRemoveSecret(command: OwnerDeleteSecretCommand): Promise<void>;
     ownerDeleteSecret(command: OwnerDeleteSecretCommand): Promise<void>;
     agentAuthorizeDispatch(request: DispatchRequest): Promise<DispatchAuthorization>;
     agentDispatchSecret(request: DispatchRequest): Promise<DispatchResult>;
@@ -45,6 +52,12 @@ export declare class VaultCore {
     ownerListCapabilities(actor: VaultPrincipal & {
         kind: "owner";
     }, agentId?: string, request?: Omit<OwnerListCapabilitiesRequest, "actor" | "agentId" | "vaultId">): Promise<readonly AgentCapability[]>;
+    ownerListRequests(actor: VaultPrincipal & {
+        kind: "owner";
+    }, agentId?: string, request?: Omit<OwnerListRequestsRequest, "actor" | "agentId" | "vaultId">): Promise<readonly OwnerVisibleRequestRecord[]>;
+    ownerGetRequest(actor: VaultPrincipal & {
+        kind: "owner";
+    }, targetRequestId: string, request?: Omit<OwnerGetRequestRequest, "actor" | "targetRequestId" | "vaultId">): Promise<OwnerRequestRecord>;
     ownerListSecrets(actor: VaultPrincipal & {
         kind: "owner";
     }, request?: {

package/dist/vault-core/core.js CHANGED Viewed

@@ -4,6 +4,66 @@ import { verifySignature } from "../protocol/crypto.js";
 import { getAgentToolbox } from "./tool-metadata.js";
 import { InMemoryRequestRecordRegistry } from "./defaults.js";
 const VAULT_MASTER_ID = "vault-master";
+function redactResponseShapeValue(value) {
+    if (value === null || value === undefined) {
+        return null;
+    }
+    if (Array.isArray(value)) {
+        return value.map((entry) => redactResponseShapeValue(entry));
+    }
+    if (typeof value === "object") {
+        return Object.fromEntries(Object.entries(value).map(([key, entry]) => [key, redactResponseShapeValue(entry)]));
+    }
+    return null;
+}
+function applyResponseReadPolicy(body, policy) {
+    if (body === undefined)
+        return body;
+    if (policy.mode === "full")
+        return body;
+    if (policy.mode === "none")
+        return undefined;
+    let parsed;
+    try {
+        parsed = JSON.parse(body);
+    }
+    catch {
+        return policy.mode === "shape_only" ? JSON.stringify(null) : undefined;
+    }
+    if (policy.mode === "shape_only") {
+        return JSON.stringify(redactResponseShapeValue(parsed));
+    }
+    if (policy.mode !== "custom") {
+        return body;
+    }
+    const result = {};
+    for (const path of policy.paths ?? []) {
+        const segments = path.split(".").filter(Boolean);
+        if (!segments.length)
+            continue;
+        let source = parsed;
+        let valid = true;
+        for (const segment of segments) {
+            if (source && typeof source === "object" && segment in source) {
+                source = source[segment];
+            }
+            else {
+                valid = false;
+                break;
+            }
+        }
+        if (!valid)
+            continue;
+        let target = result;
+        for (let index = 0; index < segments.length - 1; index += 1) {
+            const segment = segments[index];
+            target[segment] ??= {};
+            target = target[segment];
+        }
+        target[segments[segments.length - 1]] = source;
+    }
+    return JSON.stringify(result);
+}
 function toAuditEntry(deps, actor, action, outcome, detail, options) {
     return {
         entryId: deps.ids.newAuditEntryId(),
@@ -22,22 +82,32 @@ function toAuditEntry(deps, actor, action, outcome, detail, options) {
         agentId: options?.agentId,
     };
 }
-function buildSecretRecord(deps, command) {
+function buildSecretRecord(deps, command, previousRecord) {
     const now = deps.clock.nowIso();
     const source = command.source?.kind === "request" && command.source.requestId
         ? { kind: "request", requestId: command.source.requestId }
         : { kind: "manual" };
+    const previousVersion = previousRecord ? Number.parseInt(previousRecord.version.value, 10) : 0;
+    const nextVersion = Number.isFinite(previousVersion) ? previousVersion + 1 : 1;
     return {
         vaultId: deps.vaultId,
         secretId: deps.ids.newSecretId(),
         alias: { value: command.alias },
-        version: deps.ids.newVersion(),
+        version: { value: String(nextVersion) },
+        lifecycleStatus: "ACTIVE",
+        previousSecretId: previousRecord?.secretId,
         issuerId: command.kind === "issuer.write_secret" ? command.issuerSiteId : null,
         source,
         createdAt: now,
         updatedAt: now,
     };
 }
+function isSecretActive(record) {
+    if (record.lifecycleStatus) {
+        return record.lifecycleStatus === "ACTIVE";
+    }
+    return !record.retiredAt;
+}
 function normalizeScopeTarget(targetUrl) {
     try {
         const parsed = new URL(targetUrl);
@@ -203,6 +273,7 @@ export class VaultCore {
                 proof: pending.proof,
                 requestId: pending.requestId,
                 requestedAt: pending.requestedAt,
+                skipReplayGuard: true,
             });
         }
         else if (mode === "grant") {
@@ -307,7 +378,10 @@ export class VaultCore {
             const authorizedCapabilities = capabilityMap.get(record.secretId.value) ?? [];
             return {
                 vaultId: record.vaultId,
+                secretId: record.secretId,
                 alias: record.alias,
+                version: record.version,
+                lifecycleStatus: record.lifecycleStatus ?? "ACTIVE",
                 issuerId: record.issuerId,
                 source: record.source,
                 createdAt: record.createdAt,
@@ -359,6 +433,52 @@ export class VaultCore {
             resultVisible: readStatus === "APPROVED",
         };
     }
+    toOwnerVisibleRequestRecord(record, state) {
+        return {
+            requestId: record.requestId,
+            createdAt: record.createdAt,
+            agentId: record.agentId,
+            capabilityId: record.capabilityId,
+            operation: record.operation,
+            targetUrl: record.request.targetUrl,
+            method: record.request.method,
+            executionStatus: record.execution.status,
+            responseStatus: record.response?.status,
+            error: record.response?.error,
+            writeStatus: state?.actions.write.status ?? "PENDING",
+            readStatus: state?.actions.read.status ?? "PENDING",
+            hasResponseBody: typeof record.response?.body === "string" && record.response.body.length > 0,
+        };
+    }
+    toOwnerRequestRecord(record, state) {
+        return {
+            requestId: record.requestId,
+            createdAt: record.createdAt,
+            agentId: record.agentId,
+            capabilityId: record.capabilityId,
+            operation: record.operation,
+            request: {
+                targetUrl: record.request.targetUrl,
+                method: record.request.method,
+                headers: record.request.headers ? { ...record.request.headers } : undefined,
+                body: record.request.body,
+                secretId: record.request.secretId,
+            },
+            response: record.response
+                ? {
+                    status: record.response.status,
+                    headers: record.response.headers ? { ...record.response.headers } : undefined,
+                    body: record.response.body,
+                    error: record.response.error,
+                }
+                : undefined,
+            actions: {
+                write: state?.actions.write ?? { action: "write", status: "PENDING" },
+                read: state?.actions.read ?? { action: "read", status: "PENDING" },
+            },
+            executionStatus: record.execution.status,
+        };
+    }
     ownerOnCapabilityState(callback) {
         this._capabilityStateObservers.add(callback);
         return () => {
@@ -556,7 +676,7 @@ export class VaultCore {
             throw new VaultCoreError("alias already bound to existing secret", "VAULT_WRITE_DENIED");
         }
         const record = buildSecretRecord(this._deps, {
-            kind: "owner.write_secret",
+            kind: "owner.create_secret",
             vaultId: this._deps.vaultId,
             requestId,
             owner: actor,
@@ -585,7 +705,36 @@ export class VaultCore {
         }
         return record;
     }
-    async ownerWriteSecret(command) {
+    async _getActiveSecretByAlias(alias) {
+        const matches = (await this._deps.secrets.list(this._deps.vaultId))
+            .filter((record) => record.alias.value === alias && isSecretActive(record));
+        if (matches.length > 1) {
+            throw new VaultCoreError(`multiple active secrets found for alias: ${alias}`, "VAULT_WRITE_DENIED");
+        }
+        return matches[0] ?? null;
+    }
+    async _persistNewSecretRecord(record, plaintext, actor, successDetail) {
+        try {
+            await this._deps.custody.store(record.secretId, plaintext);
+            await this._deps.secrets.save(record);
+            await this._appendAudit(toAuditEntry(this._deps, actor, AuditAction.WRITE_SECRET, AuditOutcome.SUCCEEDED, successDetail, {
+                secretAlias: record.alias.value,
+                secretId: record.secretId.value,
+            }));
+        }
+        catch (error) {
+            await Promise.allSettled([
+                this._deps.secrets.delete(record.secretId),
+                this._deps.custody.delete(record.secretId),
+            ]);
+            throw error;
+        }
+        return record;
+    }
+    async ownerCreateSecret(command) {
+        return this.ownerWriteSecret(command);
+    }
+    async ownerUpdateSecret(command) {
         if (command.vaultId.value !== this._deps.vaultId.value) {
             throw new VaultCoreError("write vault mismatch", "VAULT_WRITE_DENIED");
         }
@@ -594,47 +743,89 @@ export class VaultCore {
         }
         catch (error) {
             const detail = error instanceof Error ? error.message : String(error);
-            await this._appendAudit(toAuditEntry(this._deps, command.kind === "owner.write_secret" ? command.owner : command.issuer, AuditAction.WRITE_SECRET, AuditOutcome.DENIED, detail, {
+            await this._appendAudit(toAuditEntry(this._deps, command.owner, AuditAction.WRITE_SECRET, AuditOutcome.DENIED, detail, {
                 secretAlias: command.alias,
             }));
             throw error;
         }
-        const existing = await this._deps.secrets.getByAlias({ value: command.alias });
-        if (existing) {
-            await this._appendAudit(toAuditEntry(this._deps, command.kind === "owner.write_secret" ? command.owner : command.issuer, AuditAction.REASSIGN_ALIAS, AuditOutcome.DENIED, "alias already bound to existing secret; explicit alias lifecycle required", {
-                secretAlias: existing.alias.value,
-                secretId: existing.secretId.value,
-            }));
-            throw new VaultCoreError("alias already bound to existing secret", "VAULT_WRITE_DENIED");
+        const existing = await this._getActiveSecretByAlias(command.alias);
+        if (!existing) {
+            throw new VaultCoreError(`secret not found: ${command.alias}`, "VAULT_SECRET_NOT_FOUND");
         }
-        const record = buildSecretRecord(this._deps, command);
+        const record = buildSecretRecord(this._deps, command, existing);
+        const supersededAt = this._deps.clock.nowIso();
+        const superseded = {
+            ...existing,
+            lifecycleStatus: "SUPERSEDED",
+            supersededBySecretId: record.secretId,
+            supersededAt,
+            retiredAt: supersededAt,
+            updatedAt: supersededAt,
+        };
+        let custodyStored = false;
+        let previousSuperseded = false;
+        let newRecordSaved = false;
         try {
             await this._deps.custody.store(record.secretId, command.plaintext);
+            custodyStored = true;
+            await this._deps.secrets.save(superseded);
+            previousSuperseded = true;
             await this._deps.secrets.save(record);
-            await this._appendAudit(toAuditEntry(this._deps, command.kind === "owner.write_secret" ? command.owner : command.issuer, AuditAction.WRITE_SECRET, AuditOutcome.SUCCEEDED, "secret stored", {
+            newRecordSaved = true;
+            await this._appendAudit(toAuditEntry(this._deps, command.owner, AuditAction.WRITE_SECRET, AuditOutcome.SUCCEEDED, "secret updated", {
                 secretAlias: record.alias.value,
                 secretId: record.secretId.value,
             }));
+            return record;
         }
         catch (error) {
+            if (previousSuperseded) {
+                await Promise.allSettled([this._deps.secrets.save(existing)]);
+            }
             await Promise.allSettled([
-                this._deps.secrets.delete(record.secretId),
-                this._deps.custody.delete(record.secretId),
+                newRecordSaved ? this._deps.secrets.delete(record.secretId) : Promise.resolve(),
+                custodyStored ? this._deps.custody.delete(record.secretId) : Promise.resolve(),
             ]);
             throw error;
         }
-        return record;
     }
-    async ownerDeleteSecret(command) {
-        const record = await this._deps.secrets.getByAlias({ value: command.alias });
+    async ownerWriteSecret(command) {
+        if (command.vaultId.value !== this._deps.vaultId.value) {
+            throw new VaultCoreError("write vault mismatch", "VAULT_WRITE_DENIED");
+        }
+        try {
+            await this._deps.policy.authorizeWrite(command);
+        }
+        catch (error) {
+            const detail = error instanceof Error ? error.message : String(error);
+            await this._appendAudit(toAuditEntry(this._deps, command.kind === "issuer.write_secret" ? command.issuer : command.owner, AuditAction.WRITE_SECRET, AuditOutcome.DENIED, detail, {
+                secretAlias: command.alias,
+            }));
+            throw error;
+        }
+        const existing = await this._getActiveSecretByAlias(command.alias);
+        if (existing) {
+            await this._appendAudit(toAuditEntry(this._deps, command.kind === "issuer.write_secret" ? command.issuer : command.owner, AuditAction.REASSIGN_ALIAS, AuditOutcome.DENIED, "alias already bound to existing secret; explicit alias lifecycle required", {
+                secretAlias: existing.alias.value,
+                secretId: existing.secretId.value,
+            }));
+            throw new VaultCoreError("alias already bound to existing secret", "VAULT_WRITE_DENIED");
+        }
+        const record = buildSecretRecord(this._deps, command);
+        return this._persistNewSecretRecord(record, command.plaintext, command.kind === "issuer.write_secret" ? command.issuer : command.owner, "secret created");
+    }
+    async ownerRemoveSecret(command) {
+        const record = await this._getActiveSecretByAlias(command.alias);
         if (!record) {
             throw new VaultCoreError(`secret not found: ${command.alias}`, "VAULT_SECRET_NOT_FOUND");
         }
-        const retiredAt = this._deps.clock.nowIso();
+        const removedAt = this._deps.clock.nowIso();
         await this._deps.secrets.save({
             ...record,
-            updatedAt: retiredAt,
-            retiredAt,
+            lifecycleStatus: "REMOVED",
+            updatedAt: removedAt,
+            removedAt,
+            retiredAt: removedAt,
         });
         await this._appendAudit(toAuditEntry(this._deps, command.owner, AuditAction.DELETE_SECRET, AuditOutcome.SUCCEEDED, `retired secret ${command.alias}`, {
             requestId: command.requestId,
@@ -642,6 +833,9 @@ export class VaultCore {
             secretId: record.secretId.value,
         }));
     }
+    async ownerDeleteSecret(command) {
+        return this.ownerRemoveSecret(command);
+    }
     async agentAuthorizeDispatch(request) {
         if (request.vaultId.value !== this._deps.vaultId.value) {
             throw new VaultCoreError("request vault mismatch", "VAULT_DISPATCH_DENIED");
@@ -659,7 +853,9 @@ export class VaultCore {
             };
         }
         try {
-            await this._deps.replayGuard.assertNotReplayed(request);
+            if (!request.skipReplayGuard) {
+                await this._deps.replayGuard.assertNotReplayed(request);
+            }
             await this._deps.agentProofVerifier.verify(request);
             // Removed direct policy.authorizeDispatch here to handle discovery
         }
@@ -885,6 +1081,28 @@ export class VaultCore {
         }));
         return capabilities;
     }
+    async ownerListRequests(actor, agentId, request) {
+        const records = await this._deps.requests.list(this._deps.vaultId, agentId);
+        const states = await this._deps.capabilityStates.list(this._deps.vaultId, agentId);
+        const stateByRequestId = new Map(states.filter((state) => state.requestId).map((state) => [state.requestId, state]));
+        await this._appendAudit(toAuditEntry(this._deps, actor, AuditAction.LIST_REQUESTS, AuditOutcome.ALLOWED, "request records listed", {
+            requestId: request?.requestId,
+            agentId,
+        }));
+        return records.map((record) => this.toOwnerVisibleRequestRecord(record, stateByRequestId.get(record.requestId) ?? null));
+    }
+    async ownerGetRequest(actor, targetRequestId, request) {
+        const record = await this._deps.requests.get(this._deps.vaultId, targetRequestId);
+        if (!record) {
+            throw new VaultCoreError("request record not found", "VAULT_READ_DENIED");
+        }
+        const state = await this._deps.capabilityStates.getByRequestId(this._deps.vaultId, targetRequestId);
+        await this._appendAudit(toAuditEntry(this._deps, actor, AuditAction.READ_REQUEST, AuditOutcome.ALLOWED, "request record read", {
+            requestId: request?.requestId,
+            agentId: record.agentId,
+        }));
+        return this.toOwnerRequestRecord(record, state);
+    }
     async ownerListSecrets(actor, request) {
         const records = await this._deps.secrets.list(this._deps.vaultId);
         await this._appendAudit(toAuditEntry(this._deps, actor, AuditAction.READ_AUDIT, AuditOutcome.ALLOWED, "secret metadata listed", {
@@ -892,7 +1110,10 @@ export class VaultCore {
         }));
         return records.map((record) => ({
             vaultId: record.vaultId,
+            secretId: record.secretId,
             alias: record.alias,
+            version: record.version,
+            lifecycleStatus: record.lifecycleStatus ?? "ACTIVE",
             issuerId: record.issuerId,
             source: record.source,
             createdAt: record.createdAt,
@@ -934,11 +1155,14 @@ export class VaultCore {
         }
         const state = await this._deps.capabilityStates.getByRequestId(this._deps.vaultId, request.targetRequestId);
         const readApproved = state?.actions.read.status === "APPROVED";
+        const responseBody = readApproved
+            ? applyResponseReadPolicy(record.response?.body, state?.read ?? { mode: "full" })
+            : undefined;
         return {
             requestId: record.requestId,
             executionStatus: record.execution.status,
             responseStatus: record.response?.status,
-            responseBody: readApproved ? record.response?.body : undefined,
+            responseBody,
             error: record.response?.error,
         };
     }
@@ -1105,6 +1329,12 @@ export class VaultCore {
         const decidedAt = this._deps.clock.nowIso();
         const next = {
             ...pending,
+            read: command.read
+                ? {
+                    mode: command.read.mode,
+                    paths: command.read.paths ? [...command.read.paths] : undefined,
+                }
+                : pending.read,
             decidedAt,
             actions: {
                 ...pending.actions,